SSO should remember username and password

Until recently, SSO remembered your username and password in the browser. At some point that changed, and now it requests that you enter both from scratch. That’s quite frustrating, as my LDAP password was generated by 1Password. This means having to boot up 1Password every time I need to log into something.

Could we revert back to the original behavior please? Otherwise, it means switching to a simple password for LDAP for me :frowning:

Hi @mcaceres,

could you please give us some more details: Do you have to enter your username/password on every site that is using Mozilla IAM? Or is this happening on specific sites/applications?

Best regards,
Henrik

/cc @kang @hidde @hdv

To add to Henrik’s questions: do you, by ‘remember’ mean that the 1Password browser extension would autofill your password for you after the login page loaded?

I personally use 1Password’s browser extension manually to fill in the username and password.

Both the automatic and the manual fill with browser extension are scenarios we tested for and they should work without having to copy/paste.

In any case, hopefully we can help debug and make this smoother for you.

Do you have to enter your username/password on every site that is using Mozilla IAM?

Not all the time. But when required to.

Or is this happening on specific sites/applications?

As above. Once I’m logged in, it’s fine… but it’s when the session expires for whatever reason I get into the bad situation.

I also just tried logging out from SSO through sso.mozilla.com, and now instead of working it just gives me a 500 Error (separate issue, but :confused:).

This is the annoying part (my browser knows my LDAP password, and yet Safari asks me to generate a password):

If you are wondering why I’m using Safari, I’m just illustrating what also happens on my iPhone. I access a lot of these service on mobile.

do you, by ‘remember’ mean that the 1Password browser extension would autofill your password for you after the login page loaded?

KeyChain, ideally. I’m trying to move off 1Password and just let MacOS and iOS deal with it. Although I have 1Password installed, I don’t use the browser extension because it rarely works for me (I open 1Password up manually instead).

Thanks @mcaceres for the details. So, to summarise you’d like the login page to work seemlessly with Safari’s password manager/ Keychain.

I tried to reproduce in Safari, and after I logged in it did recognise my password field and let me autofill (it did not offer to save, as most password managers do). I clicked the icon that appears in the password field (there might be a shortcut too).

Could you try clearing the login from our Keychain and then add it again?

I tried deleting the site info in KeyChain. Upon reloading sso.mozilla.com, it offered me to save my LDAP password (confirmed it did save to KeyChain correctly).

So, although it’s still offering to generate a new password, the LDAP password is indeed accessible from the :key: dropdown on the right of the input field.

I guess that’s good enough - but still a bit weird that it insists on generating a new password.

Glad it does make the password accessible for you now.

Weird that it wants to generate a new password. Fwiw, I’m using autocomplete="current-password" on the password field, in order to avoid that — some browsers and password managers do honour it.

Yeah, it’s weird that Safari doesn’t seem to honor “current-password”. Anyway, thanks for your patience working through this with me.

1 Like